Package org.bouncycastle.jcajce

Class PKIXExtendedParameters

    • Field Detail

      • PKIX_VALIDITY_MODEL

        public static final int PKIX_VALIDITY_MODEL
        This is the default PKIX validity model. Actually there are two variants of this: The PKIX model and the modified PKIX model. The PKIX model verifies that all involved certificates must have been valid at the current time. The modified PKIX model verifies that all involved certificates were valid at the signing time. Both are indirectly choosen with the PKIXParameters.setDate(java.util.Date) method, so this methods sets the Date when all certificates must have been valid.
        See Also:
        Constant Field Values

      • CHAIN_VALIDITY_MODEL

        public static final int CHAIN_VALIDITY_MODEL
        This model uses the following validity model. Each certificate must have been valid at the moment where is was used. That means the end certificate must have been valid at the time the signature was done. The CA certificate which signed the end certificate must have been valid, when the end certificate was signed. The CA (or Root CA) certificate must have been valid, when the CA certificate was signed and so on. So the PKIXParameters.setDate(java.util.Date) method sets the time, when the end certificate must have been valid.

        It is used e.g. in the German signature law.

        See Also:
        Constant Field Values

    • Method Detail

      • getDate

        public Date getDate()

      • isUseDeltasEnabled

        public boolean isUseDeltasEnabled()
        Defaults to false.
        Returns:
        Returns if delta CRLs should be used.

      • clone

        public Object clone()
        Description copied from class: Object
        Creates and returns a copy of this Object. The default implementation returns a so-called "shallow" copy: It creates a new instance of the same class and then copies the field values (including object references) from this instance to the new instance. A "deep" copy, in contrast, would also recursively clone nested objects. A subclass that needs to implement this kind of cloning should call super.clone() to create the new instance and then create deep copies of the nested, mutable objects.
        Specified by:
        clone in interface CertPathParameters
        Overrides:
        clone in class Object
        Returns:
        a copy of this object.

      • getTargetConstraints

        public PKIXCertStoreSelector getTargetConstraints()
        Returns the required constraints on the target certificate. The constraints are returned as an instance of Selector. If null, no constraints are defined.
        Returns:
        a Selector specifying the constraints on the target certificate or attribute certificate (or null)
        See Also:
        PKIXCertStoreSelector

      • getTrustAnchors

        public Set getTrustAnchors()

      • getInitialPolicies

        public Set getInitialPolicies()

      • getSigProvider

        public String getSigProvider()

      • isExplicitPolicyRequired

        public boolean isExplicitPolicyRequired()

      • isAnyPolicyInhibited

        public boolean isAnyPolicyInhibited()

      • isPolicyMappingInhibited

        public boolean isPolicyMappingInhibited()

      • getCertPathCheckers

        public List getCertPathCheckers()

      • isRevocationEnabled

        public boolean isRevocationEnabled()